A team of researchers from Mozilla, the University of Iowa and the University of California
A study of the 100 most popular sites by Alexa ranking showed that 9040 of them (10.18%) use code for covert visitor identification. Among the thousand most popular sites, such code was detected in 30.60% of cases (266 sites), and among sites ranked from one thousandth to ten thousandth, in 24.45% of cases (2010 sites). Covert identification is mainly used in scripts provided by external services for
To identify the code that performs covert identification, a toolkit was developed
compared to a manually specified heuristic.
Many of the detected identification scripts were not in the typical block lists
After sending
For example, the following were found to be used for identification: information about the keyboard layout (getLayoutMap); residual data in the cache (using the Performance API, delays in returning data are analyzed, which makes it possible to determine whether the user accessed a specific domain or not, and whether the page was previously opened); permissions set in the browser (information about access to the Notification, Geolocation and Camera APIs); and the presence of specialized peripheral devices and rare sensors (gamepads, virtual reality helmets, proximity sensors). In addition, identification was observed to rely on the presence of APIs specific to certain browsers and on differences in API behavior (AudioWorklet, setTimeout, mozRTCSessionDescription), as well as on the AudioContext API to determine the features of the sound system.
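The APIs listed above can be turned into a simple manually specified heuristic that scores a script by how many distinct kinds of device property it probes. This is an added example, not FP-Inspector's code or code from the study; the category grouping, the threshold of three and both sample scripts are assumptions constructed for illustration.

```javascript
// Added example: a manually specified heuristic, not FP-Inspector's classifier.
// API names come from the article's list; grouping and threshold are assumptions.
const SIGNALS = {
  keyboardLayout: [/\bgetLayoutMap\s*\(/],
  cacheTiming: [/\bperformance\s*\.\s*(?:now|getEntries\w*)\s*\(/],
  permissions: [/\bpermissions\s*\.\s*query\s*\(/, /\bNotification\s*\.\s*permission\b/],
  peripherals: [/\bgetGamepads\s*\(/, /\bgetVRDisplays\s*\(/, /\bProximitySensor\b/],
  browserQuirks: [/\bmozRTCSessionDescription\b/, /\bAudioWorklet\b/],
  audio: [/\b(?:webkit|Offline)?AudioContext\b/],
};
// setTimeout is left out: nearly every script calls it, so it carries no signal here.
const THRESHOLD = 3; // assumed: distinct categories needed before a script is flagged

// Returns the signal categories a script's source touches and whether it is flagged.
function scoreScript(source) {
  const hits = {};
  for (const [category, patterns] of Object.entries(SIGNALS)) {
    const matched = patterns.filter((re) => re.test(source)).map((re) => re.source);
    if (matched.length > 0) hits[category] = matched;
  }
  const categories = Object.keys(hits);
  return { categories, flagged: categories.length >= THRESHOLD, hits };
}

// Constructed sample: probes several unrelated device properties in one script.
const SAMPLE_TRACKER = `
  navigator.keyboard.getLayoutMap().then(m => send(m.size));
  navigator.permissions.query({ name: "geolocation" }).then(p => send(p.state));
  const ctx = new (window.AudioContext || window.webkitAudioContext)();
  send(navigator.getGamepads().length);
`;
// Constructed sample: a game loop that legitimately uses two of the same APIs.
const SAMPLE_GAME = `
  function frame() {
    const t = performance.now();
    const pad = navigator.getGamepads()[0];
    if (pad) move(pad.axes, t);
    requestAnimationFrame(frame);
  }
`;

for (const [name, src] of [["tracker", SAMPLE_TRACKER], ["game", SAMPLE_GAME]]) {
  const r = scoreScript(src);
  console.log(name, r.flagged ? "FLAGGED" : "ok", r.categories.join(","));
}
```

Matching on source text misses scripts that build API names dynamically, so a heuristic like this is only a first-pass filter.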
The study also examined how site functionality breaks when protections against covert identification are applied that block network requests or restrict access to APIs. Selectively restricting APIs only for scripts detected by FP-Inspector was shown to cause less breakage than the stricter blanket restrictions that Brave and Tor Browser place on API calls that could potentially leak data.
Source: opennet.ru